<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
    session_start();
    
    if(isset($_SESSION["userID"]) && !strcmp($_SESSION["userType"], "manager")){
        $productName = $_GET["productName"];
        $categoryID = $_GET["categoryID"];
        $startDate = $_GET["startDate"];
        $endDate = $_GET["endDate"];
        
        
        $con = mysql_connect("localhost", "zhouzhao", "19831022");
        if(!$con){
            die("could not connect to DB: ".mysql_error());
        }
        
        mysql_select_db("cloudcom", $con);
        
        $sql = "select distinct * from orders O, items I, products P, customers C where C.customerID=O.customerID and O.orderID = I.orderID and I.productID=P.productID";
        
        if (strlen($productName) != 0) {
            $sql = $sql." and P.productName='$productName'";
        }
        
        if (strlen($categoryID) != 0) {
            $sql = $sql." and P.categoryID=$categoryID";
        }
        
        if(strlen($startDate) != 0){
            $sql = $sql." O.orderDate>='$startDate'";
        }
    
        if(strlen($endDate) != 0){
            $sql = $sql." O.orderDate<='$endDate'";
        }
        
        $result = mysql_query($sql);
        
        echo "query: $sql";
        echo "<table border='1' id='orderTable'>
        <tr>
            <th>Customer Name</th>
            <th>Order date</th>
            <th>Total price</th>
            <th>Product name</th>
            <th>Product quantity</th>
            <th>Product price</th>
        </tr>";
        
        while($row = mysql_fetch_assoc($result)){
            echo "<tr>";
            echo "<td>".$row["firstName"]." ".$row["lastName"]."</td>";
            echo "<td>".$row["orderDate"]."</td>";
            echo "<td>".$row["totalPrice"]."</td>";
            echo "<td>".$row["productName"]."</td>";
            echo "<td>".$row["productQuantity"]."</td>";
            echo "<td>".$row["productPrice"]."</td>";
            echo "</tr>";
        }
        echo "</table>";
        
    }else{
        require 'login.html';
    }
?>
